Class: Msf::FrameworkEventSubscriber
- Inherits:
-
Object
- Object
- Msf::FrameworkEventSubscriber
- Defined in:
- lib/msf/core/framework.rb
Instance Attribute Summary
Attributes included from Msf::Framework::Offspring
Instance Method Summary collapse
-
#initialize(framework) ⇒ FrameworkEventSubscriber
constructor
A new instance of FrameworkEventSubscriber.
-
#module_event(name, instance, opts = {}) ⇒ Object
Generic handler for module events.
-
#on_module_complete(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors.
-
#on_module_error(instance, exception = nil) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors.
-
#on_module_run(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors.
-
#on_session_close(session, reason = '') ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_command(session, command) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_download(session, rpath, lpath) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_module_run(session, mod) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_open(session) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_output(session, output) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_route(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_route_remove(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_script_run(session, script) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_session_upload(session, lpath, rpath) ⇒ Object
:category: ::Msf::SessionEvent implementors.
-
#on_ui_command(command) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors.
-
#on_ui_start(rev) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors.
-
#on_ui_stop ⇒ Object
:category: ::Msf::UiEventSubscriber implementors.
- #report_event(data) ⇒ Object
-
#session_event(name, session, opts = {}) ⇒ Object
Generic handler for session events.
Methods included from SessionEvent
#on_session_filedelete, #on_session_interact
Methods included from GeneralEventSubscriber
#on_module_created, #on_module_load
Constructor Details
#initialize(framework) ⇒ FrameworkEventSubscriber
Returns a new instance of FrameworkEventSubscriber.
311 312 313 |
# File 'lib/msf/core/framework.rb', line 311 def initialize(framework) self.framework = framework end |
Instance Method Details
#module_event(name, instance, opts = {}) ⇒ Object
Generic handler for module events
326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 |
# File 'lib/msf/core/framework.rb', line 326 def module_event(name, instance, opts={}) if framework.db.active event = { :workspace => framework.db.find_workspace(instance.workspace), :name => name, :username => instance.owner, :info => { :module_name => instance.fullname, :module_uuid => instance.uuid }.merge(opts) } report_event(event) end end |
#on_module_complete(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors
351 352 353 |
# File 'lib/msf/core/framework.rb', line 351 def on_module_complete(instance) module_event('module_complete', instance) end |
#on_module_error(instance, exception = nil) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors
357 358 359 |
# File 'lib/msf/core/framework.rb', line 357 def on_module_error(instance, exception=nil) module_event('module_error', instance, :exception => exception.to_s) end |
#on_module_run(instance) ⇒ Object
:category: ::Msf::GeneralEventSubscriber implementors
344 345 346 347 |
# File 'lib/msf/core/framework.rb', line 344 def on_module_run(instance) opts = { :datastore => instance.datastore.to_h } module_event('module_run', instance, opts) end |
#on_session_close(session, reason = '') ⇒ Object
:category: ::Msf::SessionEvent implementors
466 467 468 469 470 471 472 473 474 |
# File 'lib/msf/core/framework.rb', line 466 def on_session_close(session, reason='') session_event('session_close', session) if session.db_record # Don't bother saving here, the session's cleanup method will take # care of that later. session.db_record.close_reason = reason session.db_record.closed_at = Time.now.utc end end |
#on_session_command(session, command) ⇒ Object
:category: ::Msf::SessionEvent implementors
482 483 484 485 486 487 488 489 |
# File 'lib/msf/core/framework.rb', line 482 def on_session_command(session, command) session_event('session_command', session, :command => command) framework.db.report_session_event({ :etype => 'command', :session => session, :command => command }) end |
#on_session_download(session, rpath, lpath) ⇒ Object
:category: ::Msf::SessionEvent implementors
454 455 456 457 458 459 460 461 462 |
# File 'lib/msf/core/framework.rb', line 454 def on_session_download(session, rpath, lpath) session_event('session_download', session, :local_path => lpath, :remote_path => rpath) framework.db.report_session_event({ :etype => 'download', :session => session, :local_path => lpath, :remote_path => rpath }) end |
#on_session_module_run(session, mod) ⇒ Object
:category: ::Msf::SessionEvent implementors
538 539 540 541 542 543 544 |
# File 'lib/msf/core/framework.rb', line 538 def on_session_module_run(session, mod) framework.db.report_session_event({ :etype => 'module_run', :session => session, :local_path => mod.fullname }) end |
#on_session_open(session) ⇒ Object
:category: ::Msf::SessionEvent implementors
435 436 437 438 439 |
# File 'lib/msf/core/framework.rb', line 435 def on_session_open(session) opts = { :datastore => session.exploit_datastore.to_h, :critical => true } session_event('session_open', session, opts) framework.db.report_session(:session => session) end |
#on_session_output(session, output) ⇒ Object
:category: ::Msf::SessionEvent implementors
493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 |
# File 'lib/msf/core/framework.rb', line 493 def on_session_output(session, output) # Break up the output into chunks that will fit into the database. buff = output.dup chunks = [] if buff.length > 1024 while buff.length > 0 chunks << buff.slice!(0,1024) end else chunks << buff end chunks.each { |chunk| session_event('session_output', session, :output => chunk) framework.db.report_session_event({ :etype => 'output', :session => session, :output => chunk }) } end |
#on_session_route(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors
516 517 518 |
# File 'lib/msf/core/framework.rb', line 516 def on_session_route(session, route) framework.db.report_session_route({session: session, route: route}) end |
#on_session_route_remove(session, route) ⇒ Object
:category: ::Msf::SessionEvent implementors
522 523 524 |
# File 'lib/msf/core/framework.rb', line 522 def on_session_route_remove(session, route) framework.db.report_session_route_remove({session: session, route: route}) end |
#on_session_script_run(session, script) ⇒ Object
:category: ::Msf::SessionEvent implementors
528 529 530 531 532 533 534 |
# File 'lib/msf/core/framework.rb', line 528 def on_session_script_run(session, script) framework.db.report_session_event({ :etype => 'script_run', :session => session, :local_path => script }) end |
#on_session_upload(session, lpath, rpath) ⇒ Object
:category: ::Msf::SessionEvent implementors
443 444 445 446 447 448 449 450 451 |
# File 'lib/msf/core/framework.rb', line 443 def on_session_upload(session, lpath, rpath) session_event('session_upload', session, :local_path => lpath, :remote_path => rpath) framework.db.report_session_event({ :etype => 'upload', :session => session, :local_path => lpath, :remote_path => rpath }) end |
#on_ui_command(command) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors
364 365 366 367 368 |
# File 'lib/msf/core/framework.rb', line 364 def on_ui_command(command) if (framework.db and framework.db.active) report_event(:name => "ui_command", :info => {:command => command}) end end |
#on_ui_start(rev) ⇒ Object
:category: ::Msf::UiEventSubscriber implementors
380 381 382 383 384 385 386 387 388 |
# File 'lib/msf/core/framework.rb', line 380 def on_ui_start(rev) # # The database is not active at startup time unless msfconsole was # started with a database.yml, so this event won't always be saved to # the db. Not great, but best we can do. # info = { :revision => rev } report_event(:name => "ui_start", :info => info) end |
#on_ui_stop ⇒ Object
:category: ::Msf::UiEventSubscriber implementors
372 373 374 375 376 |
# File 'lib/msf/core/framework.rb', line 372 def on_ui_stop() if (framework.db and framework.db.active) report_event(:name => "ui_stop") end end |
#report_event(data) ⇒ Object
315 316 317 318 319 |
# File 'lib/msf/core/framework.rb', line 315 def report_event(data) if framework.db.active framework.db.report_event(data) end end |
#session_event(name, session, opts = {}) ⇒ Object
Generic handler for session events
396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 |
# File 'lib/msf/core/framework.rb', line 396 def session_event(name, session, opts={}) address = session.session_host if not (address and address.length > 0) elog("Session with no session_host/target_host/tunnel_peer. Session Info: #{session.inspect}") return end if framework.db.active ws = framework.db.find_workspace(session.workspace) opts.each_key do |attr| opts[attr].force_encoding('UTF-8') if opts[attr].is_a?(String) end event = { :workspace => ws, :username => session.username, :name => name, :host => address, :info => { :session_id => session.sid, :session_info => session.info, :session_uuid => session.uuid, :session_type => session.type, :username => session.username, :target_host => address, :via_exploit => session.via_exploit, :via_payload => session.via_payload, :tunnel_peer => session.tunnel_peer, :exploit_uuid => session.exploit_uuid }.merge(opts) } report_event(event) end end |